Unix Linux Final

Carbonite.
Click the card to flip 👆
1 / 128
Terms in this set (128)
Carbonite.
Which of the following is a popular offsite backup company?
It does not create a bootable clone.
What is one critical area in which Time Machine fails?
Time Machine
Apple's built in, default backup program:
Carbon Copy Cloner.
What was one of the commercial software packages that the book recommends for a bootable backup?
Two Backups
For backing up data, best practice calls for at least:
A safety deposit box.
Which of the following is recommded to store an offsite backup?
One full backup onsite.
One full backup offsite.
One Internet-based backup.
Which three options describe the types of backups that are most common? (Choose three.)
An exact duplicate of the original drive.
A bootable clone is:
Low resource requirements.
One of the benefits of Time Machine is:
?
There are many sources of data loss. The top contenders include(Choose all that apply):
Data LossMost computer users don't backup until they have experienced:Runs in the background every hour without user intervention.Time Machine:Double the size of your data.As a rule, the backup drive should be at least:This permission is only granted to applications that are signed with the same key as the application that declared the permission:Signature.These permissions give access to user data or some form of control over the device:Dangerous Protection Level.This is the �strongest� permission level because it requires the possession of a cryptographic key, which only the app (or platform) owner controls:Signature.On top of the kernel is the:Native userspace layerAndroid applications can access only their own files and any world-accessible resources on the device because they are:Sandboxed.Android supports verified boot using the:NOT Boot verified. NOT SafeBoot. NOT BootMe.The Android OS is built on the:Linux KernelThis defines a permission with low risk to the system or other applications as it relates to Permission Protection Levels:Normal Permissions.Which of the following Virtual Private Network (VPN) protocols are supported by Android? (Choose all that apply):L2TP/IPSec IPSec Xauth SSL-Based PPTPOne Android-specific addition is requiring processesthat want to create network sockets to belong to the group inet. This Android kernel addition is known as:Paranoid network security.Android automatically assigns a unique UID,often called a(n)App ID.This is a MAC implementation for the Linux kernel and has been integrated in the mainline kernel for more than 10 years:SELinux.Which of the following are used to backup Android devices? (Choose two)Cloud Backup. Local Backup.Because the standard IPC mechanisms weren�t flexible or reliable enough, a new IPC mechanism was developed for Android called:Binder.These are included in the OS image and cannot be uninstalled or changed by users:System AppsAs in any Unix system, this provides drivers for hardware, networking, file system access, and process management in The Android OS:The kernel.Which three options describe the types of package amangement used by Android? (Choose three.)Installing a Local Package. Code Signing. APK Install Process.Permissions are assigned to each application:At install time.Android�s security model takes advantage of the security features offered by the:Linux kernel.It is not possible to decipher any of your traffic (user names, passwords, data) or even the type of data coming and going. When using this technology:VPNApple does not have a back door to break the encryption for these two communication apps:Messages and FaceTimeMicrosoft Office 365 uses which encryption method?AES-256Archives created with Disk Utility in the macOS are readable on :Only a macOS/OS X computer.A few applications are designed with document security in mind and offer their own encryption scheme. Two common examples are:NOT Adobe Acrobat Pro Adobe Office Suite NOT Microsoft Office Microsoft AcrobatThis encryption format is considered strong and may be used for HIPAA, SEC, legal, and other high-security needs:AES-128The translation from FQDN to TCP-IP address is done by way of the:Domain Name System (DNS)Internet provider is usually your DNS provider. This allows them to monitor and log most of your Internet activity:Without your consent or knowledge.Once the data exits the VPN server:NOT It belongs to your ISP. NOT It is still encrypted. readableThese encryption foramts are considered secure, as long as strong passwords are used (choose all that apply):AES-256 AES-128One way to encrypt a file is to:Password Protect A Document.There are two fundamental flavors of VPN. The most common is:Gateway VPNWhen the need to email sensitive data to someone else or pass a sensitive document via any storage device, this should be done to ensure the data arrives as intended:Encrypt the file.There are several network protocols that may be used for encryption. The book recommends:IKEv2This is law in most countries, so that government agencies can review who is doing what through the VPN:To maintain user activity logs.When using open wireless, proper security dictates the use of:Virtual Private Network (VPN)If you are using your default DNS server (typically one by your Internet broadband provider), data between your system and the DNS server is:Not encrypted and is recorded.This strategy places multiple computers within the same virtual network regardless of here they are geographically located on the Internet. This is what type pf VPN?Mesh VPN.This is typically used to route all external traffic for a specific IP address, regardless of service request, to a specific computer: Route IP (Open Source) IP Route by Apple Siegfried line Demilitarized ZoneDemilitarized ZoneWhile this it is very difficult to do, this protocol has been broken. Despite that, it is still the most secure Wi-Fi Protocol: WPA2 WPA WEEP WEP2WPA2Ethernet and Wi-Fi networks can be protected from unwanted insertions by implementing the 802.1x protocol, also known as: TACACS+ TACACS RADIUS DIAMETERRADIUSThis attach which most often attempted via email, is the attempt to acquire your sensitive information by appearing as a trustworthy source: Trojan FoolMeOnce Trusting PhishingPhishingIntroduced in 1999, was the first encryption protocol for Wi-Fi: AES WPA WIFI 1.0 WEPWEPThis protocol superseded WEP in 2003: WPA WPA2 WEP 2.0 WANNA WEEPWPAThe reason remote support that requires a reboot may become an issue when using FileVault is: The macOS will reboot over and over. The macOS will reboot into an encrypted mode, which is not supported by all remote software packages. The macOS will reboot into Single-User mode. The macOS will reboot into Apple Pi ala mode.The macOS will reboot into an encrypted mode, which is not supported by all remote software packages.This effectively turns the computer into an external drive that can connect via Firewire or Thunderbolt. External Drive Mode. Recovery HD Mode. Target Disk Mode. Single-User ModeTarget Disk Mode.This often attempts to alter the built in basic security controls in a router so that either the malware or the criminals behind the malware have an easier time harvesting data: The Alternate Reality Software Trojan Protocols Malware FileVaultMalwareThis Browser�s policy is to keep no information on user searches, nor does it track search queries via IP addresses.: Google GooseGooseDuck DuckDuckGo Yahoo!DuckDuckGoThere are two security issues with Ethernet: Cable Hopping Broadcast Hubs Insertion Ethernet worms SkittlesBroadcast InsertionWhile this does not prevent your company IT department or Internet Provider from seeing or recording your browsing habits, it will clear all cookies and browsing history from the browser itself: ClearMyBrowser Browse Safe Secret Squirel Mode Private BrowsingPrivate BrowsingSoftware that inspects data traffic between the internet and internally connected devices: Router Access Point Security Switch FirewallFirewallEvery device that can connect to a TCP network has an unique: Internet Protocol Address Media Access Control Address Transmission Control Protocol Address Root AddressMedia Access Control AddressHTTPS uses this encryption protocol to ensure that all traffic between the user and server is military-grade encrypted: Transmission Layer Security Secure Socket Layer Data Link Layer Security Layer 8 SecuritySecure Socket LayerThese perform deep packet inspection to further protect the network from outside intruders. (choose all that apply): Deep Insptector iOS IDS DPS PDS IPSIDS IPSA hardware component that allows tens or hundreds of wireless (Wi-Fi) devices to connect to it: Switch Router Wi-Fi Thingy Access PointAccess PointEthernet is safer than Wi-Fi, however, if you or your business requires the utmost in security, it is mandatory to: Encryptyour Data Get off the grid Build an Intranet Use Wi-Fi onlyEncryptyour DataSending data through copper wire effectively turns that wire into a very large: Hose Pipeline Receiver AntennaAntennaThis protocol works with both Ethernet and Wi-Fi, mandating that anyone attempting to join the network authenticate with their own personal name and password: RADIUS ETHER-FI SEMPER FI RTACACS+RADIUSThe Extensible Firmware Interface chip can be:Password protected.The purpose of a firewall is to:Block unwanted attempts to get into or communicate with your computer.On macOS, ports are opened by:Enabling sharing services from the Sharing System Preference, and by some applications.It is important to only have those ports open that are necessary to perform your work:To best secure your computer.For Find My Mac to function, the following must happen (choose all that apply):-Find My Mac has been enabled for the computer -An iCloud account has been activated. -The computer has been logged in with a user account. -The computer is connected to the Internet via Wi-Fi for geolocation. -The computer is turned on.At least one port number assigned to any one:Communication task.This will effectively close all but the most essential ports:Enabling Block all incoming connectionsFind My Mac is able to locate your computer usually within:6 feet.Apple computers use a chip on the logic board for part of the boot process. It is the:Extensible Firmware Interface chip.Whenever a computer, mobile device, or network device needs to communicate with the outside world�say, to print, receive or send email, or surf the web�it must open a(n):Port.The thief won�t be able to access your account or data with:FileVault 2 enabled.Which of the following does the book state that removing the Firmware Password is called for? (choose all that apply)Selling or giving the computer away. Bringing the computer in for hardware or software service.Ports are numbered from (total number of ports):1-65535At least one port number assigned to any one:Communication task.As it relates to FileVault, using the Terminal to enter the appropriate command is necessary to:Temporarily disable FileVault.The current version of the encryption tool used by the macOS is:FileVault 2The reason remote support that requires a rebootmay become an issue when using FileVault is:The macOS will reboot into an encrypted mode, which is not supported by all remote software packages.It is a trivial task for someone else to sit down in front of the computer and access all your data:When a Sleep Or Screen Saver password is not set.Which of the following is one of the two methods suggested by the book to disable stoage devices?Disable the software controlling USB, FireWire, or Thunderbolt storage devices.In some environments, it is appropriate to block access to USB, FireWire, or Thunderbolt storage devices. Why?So that users cannot copy sensitive (or any) data.This effectively turns the computer into an external drive that can connect via Firewire or Thunderbolt.Target Disk ModeIn order, Disable USB, FireWire, And Thunderbolt Storage Device Access you must:Login as RootOnce FileVault has been enabled:It may take 1-5 days for the encryption to complete on a spinning hard disk drive.To protect your computer, the encryption software provided as part of the macOS:Enables military-grade AES-256 full disk encryption.Everyday, Symantec reports they receive new malware/virus signatures. The books states it can be as many as:40,000Which of the following is one of the two methods suggested by the book to disable storage devices?Install a third-party utility to control access.It is recommended that in addition to using FileVault to encrypt the drive:Set the EFI chip password.When setting up FileVault a randomly generated password is presented by:Selecting Create a recovery key.In this state, only the Root user account is active:Single User ModeThis mode allows booting into the otherwise invisible Recovery HD partition:Recovery HD Mode.Depending on how one chooses to measure, there are from 500,000�40,000,000 malware in the field that impact (choose all that apply):Android iOS macOS Windows Internet of Things UNIX/LinuxMost people know this category of software as Antivirus, but there are so many other nasty critters out there. Those include which of the following three?Trojan horses. Spyware Phishing Attacks.Updates slow down the device.Most computer and mobile device users simply fail to update their systems.One of the main reasons is:Significantly change performance.Updates rarely:Patching vulnerabilities and security holes in the system.Many updates and upgrades are about:All users update all computers and mobile devices �as soon as possible".Fixing these security issues is so important that US-CERT (Homeland Security division repsonible sible for cyber terrorism and IT security) strongly recommends that:Is to patch newly discovered security holes.One of the most important reasons for an update:Check for updates daily.To protect your computer from security holes in the operating system, it is recommended that you:Automatiic updates.Apple makes updating easier by allowing for:Create a root account.Instead of logging in as the administrsator account, a better practice is to:Enable whitelisting.This can be done with with parental controls:Root.This account cannot be created or enabled from System Preferences:Root.This account is present out of the box but is disabled by not having a password assignedSecurity patches Monetization Bug fixesThere are fundamentally three reasons for updates and upgrades:Administrator. Sharing Only. Standard.Which of the following are Apple user designations? (choose all that apply)Which of the following is and Apple Password Recommendation? -Change it after each use -Once you have a good one, leave it alone -Minimum 8-chatacter length -Use all of the same letter or number-Minimum 8-character lengthWhich of the following is and Apple Password Recommendation? -Must be kept in a file on the desktop -Must not contain the use's account name value -Must contain the user's account name value -Must be kept under the keyboard -Must be told to at least 3 other people in case you forget it-Must not contain the user's account name valueWhich of the following is and Apple Password Recommendation? -Use your pets name -Include both upper and lowercase letters -user your neice's name and birthday -Use only uppercase letters-Include both upper and lowercase lettersWhich of the following is good practice as it related to passwords? -Educate your users not to re-use their password for non-work-related purposes. -Have your users find one good password that they can use everywhere. -Change it in the spring and in the fall when you change your clocks. -Make it easy to remember or guess in case you forget it.-Educate your users not to re-use their password for non-work-related purposes.Which of the following is a US-CERT Password Recommendation? -Minimum 30-character length for administrators. -Minimum 15-character length for all users. -Minimum 8-character length for administrators -Minimum 15-character length for administrators.-Minimum 15-character length for administrators.Which of the following is a US-CERT Password Recommendation? -Not listed in a dictionary of any major language. -Should be the biggest word in the dictionary of your native language. -Five times the size of your name -Exactly the size of your favorite word-Not listed in a dictionary of any major language.Which of the following is a US-CERT Password Recommendation? -Not guessable by any program in a reasonable time frame -Should take a minimum of 6 months for a hacking program to crack it -It cannot be encrypted because the NSA forbids it -Use only numbers-Not guessable by any program in a reasonable time frameBy default, your Mac stores most usernames and passwords used to access: -past memories -your atm pass-code -Wi-Fi networks -Only the Time Machine backup-Wi-Fi networksHow many locations does your mac use to store the keys from the key chain? -one -five -two -seventeen-twoWhich of the following is where key chain stores the passwords? -/Storage/Passwords/keychain -/Users/Keychain/Storage -/Passwords/Keychain -~/Library/Keychain-~/Library/KeychainWhich of the following utilities is used to view the Keychain Database? -Access Keychain -Keychain Access -Keychain Utility -Time Machine-Keychain AccessWhich of the following are Apple recommendations for passwords? (choose all that apply) -Forgetting where you put your data -Minimum 8-character length -The dog burried it in the back yard -At least one number -Include both upper and lowercase letters -For a stronger password, add additional characters and punctuation marks-Minimum 8-character length -At least one number -Include both upper and lowercase letters -For a stronger password, add additional characters and punctuation marksWhich of the following is a US-CERT Password Recommendation? (Choose all that apply) -Private and known only by one person -Keep it written down in several places -Share it with at least two other people -Not stored in lcear text in any file or program, or on paper -Use a dictionary word -A mixture of at least 3 of the following: upper case, lower case, digits, and symbols-Private and known only by one person -Not stored in clear text in any file or program, or on paper -A mixture of at least 3 of the following: upper case, lower case, digits, and symbols